.@ Tony Finch – blog

After Tuesday’s revelation about the possibility of lie-ins I took it easy yesterday morning, and got to Paddington around lunch time for the afternoon sessions.


The first afternoon session was the DNS privacy working group. I have not been paying as much attention to this work as I should have, despite being keen on deploying it in production.

So far, this WG has specified DNS-over-TLS, DNS-over-DTLS, and EDNS padding (which aims to make traffic analysis harder by quantizing the lengths of DNS messages), and more details about server authentication.

They are working on recommendations for DNS privacy service operators which looks like it will have some pertinent advice - it’s on my list of documents to review, and I got the impression from the summary presentation that it’s likely to have some helpful ideas I can use when reviewing my services’ privacy policies for GDPR.

Roland van Rijswijk-Deij presented a neat application of Bloom filters for privacy-preserving collection of DNS queries. The idea is that if you have a set of known bad queries (e.g. botnet C&C, compromised web sites) you can check the Bloom filter to retrospectively find out whether anyone made a bad query, and then follow up with a more detailed investigation.
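The Bloom-filter idea described above, as an added Python illustration rather than code from the talk or from this blog: query names are hashed into a bit array, so the collected data can later answer "might this name have been queried?" without the names themselves ever being stored. A hit is only a lead for investigation, since a Bloom filter can give false positives but never false negatives. The class and function names, the SHA-256-based hashing, and the sample query list are my own assumptions.

```python
import hashlib
import math


class DnsBloomFilter:
    """Bloom filter over DNS query names: records presence, never the names."""

    def __init__(self, expected_items: int, fp_rate: float = 0.01) -> None:
        # Standard sizing: m = -n ln p / (ln 2)^2 bits, k = (m / n) ln 2 hashes
        self.m = max(8, math.ceil(-expected_items * math.log(fp_rate) / math.log(2) ** 2))
        self.k = max(1, round(self.m / expected_items * math.log(2)))
        self.bits = bytearray((self.m + 7) // 8)

    def _positions(self, qname: str):
        # DNS names are case-insensitive and may carry a trailing dot; normalise
        # first so "WWW.EXAMPLE.COM" and "www.example.com." map to the same bits.
        name = qname.rstrip(".").lower().encode("ascii")
        for i in range(self.k):
            digest = hashlib.sha256(i.to_bytes(2, "big") + name).digest()
            yield int.from_bytes(digest[:8], "big") % self.m

    def add(self, qname: str) -> None:
        for pos in self._positions(qname):
            self.bits[pos >> 3] |= 1 << (pos & 7)

    def may_contain(self, qname: str) -> bool:
        # All k bits set -> "maybe seen" (possible false positive);
        # any bit clear -> definitely never inserted.
        return all(self.bits[pos >> 3] & (1 << (pos & 7)) for pos in self._positions(qname))


def record_queries(qnames, expected_items: int = 1000, fp_rate: float = 0.01) -> DnsBloomFilter:
    """What a resolver would keep for the day: the filter, not the query log."""
    bloom = DnsBloomFilter(expected_items, fp_rate)
    for q in qnames:
        bloom.add(q)
    return bloom


def retrospective_check(bloom: DnsBloomFilter, bad_names) -> list:
    """Known-bad names whose presence the filter cannot rule out (leads to investigate)."""
    return sorted(n for n in bad_names if bloom.may_contain(n))


# Constructed sample data: one day's queries and a later-published bad-name list.
SEEN_QUERIES = ["www.example.com.", "mail.example.net", "cdn.example.org", "WWW.EXAMPLE.COM"]
KNOWN_BAD = ["c2.bad.example", "www.example.com", "malware.invalid"]

if __name__ == "__main__":
    print(retrospective_check(record_queries(SEEN_QUERIES), KNOWN_BAD))  # ['www.example.com']
```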

Finally, there was some discussion about a second phase of work for the group. Stéphane Bortzmeyer has a draft about DNS privacy for the resolver-to-authoritative path. This is in need of more discussion and feedback.


For the second session I went to the acme WG meeting. (ACME is the protocol used by Let’s Encrypt).

There was some discussion about authentication mechanisms for IP address certificates (likely to be of interest for dprive DNS servers). The draft suggests using the reverse DNS, and there were a lot of comments in the meeting that this is probably not secure enough: there isn’t necessarily a good coupling between authentication of IP address ownership and authentication of reverse DNS ownership. I pointed out that in many enterprises, DNS and routing are handled by different teams; I forgot to mention that in the RIPE database (for example) they are also represented by separate objects that can have separate access control configurations. So this draft needs a rethink.

Another topic of interest was how to fix the broken TLS-SNI-01 challenge. As I understand it the draft replacement uses TLS ALPN (application layer protocol negotiation, which allows a TLS client to say it wants to speak something other than HTTP). This is fiddly, but the idea for these challenges is to have close integration with an HTTPS web server, to minimize support glue scripts.


Outside working group meetings I discussed the IP fragmentation considered fragile draft with a few people, and my idea for a DNS-specific followup. I decided I should go ahead and try to get the ball rolling, so I posted some notes on reducing fragmented DNS-over-UDP to the dnsop WG list.


The final session of the day was the Plenary meeting. This includes a certain amount of meta-discussion about how the meetings are run - announcements of future locations, budgeting, changes to memberships of senior committees, etc. This time there are about 1200 on-site attendees, 400 remote, and the money to pay for the meeting is about $804,000 in attendance fees, plus $521,000 in sponsorship.

There were a few presentations on expanding access to the Internet to sub-Saharan Africa and to areas with low population density. It seems there is currently a boom in satellite communications, and the satellite engineers are doing lots of cool things with multi-path communications to avoid rain fade, and maybe in the not too distant future, direct sat-to-sat relaying over space lasers. Awesome.

A lot of the plenary is for open mic sessions, where anyone can quiz the senior committees (the Internet Architecture Board, IAB; the IETF administrative oversight committee, IAOC; and the Internet Engineering Steering Group, IESG, which is the committee of IETF area directors). It struck me that the composition of these committees is about 1/3 women, which is considerably better than the IETF at large - the bulk of the attendees are white Americans and European middle-aged men.


I had an anti-social lunch, but after I bailed out of the plenary before the IAOC open mic, I found a pub with a few folks from Sinodun and nic.at. We had a pleasant chat, although I managed to knock my beer over, so I went home unpleasantly moist and smelly. D’oh!